The present invention relates to the field of network computing. More particularly, the present invention relates to methods, systems, and data structures for-supporting a flexible autonomous network service configuration architecture.
Network technology such as the Internet has revolutionized the way people communicate and do business and promises to have a major impact on the world""s future. A host of Internet sites now offer services that are provided to clients upon request. Such services might include, for example, the making of a flight reservation, the ordering of a book, the selling of a stock, and much more. The providing of such services over the Internet now constitutes a major part of the economy. Still, it is anticipated that these network services will become even more in demand in the future.
The profitability of businesses that offer such services is largely dependent on how the software applications that provide the service are designed. A poorly designed application program can result in lost business opportunities, squandered good will, and other detriments. In contrast, a well designed application program can foster positive consumer sentiment and a healthy financial situation. In light of the promise shown of network services and the reliance of network services on good software design, it would represent a significant advancement in the art to provide technologies that enhance the way people design software applications that support network services.
FIG. 1 illustrates the relevant features of what is understood to be the current state of the art with regards to the network design of service providers. A service provider 110 provides a service to client groups 120 (e.g., client groups 120a through 120n) that reside outside of the trust boundary 130 of the service provider. The service provider 110 does not trust information provided from entities such as clients 120 that reside outside of the trust boundary 130. In other words, the service provider 110 does not rely on such externally provided information being accurate and thus independently verifies such information.
On the other hand, the internal components of the service provider 110 generally trust information provided internally between them as they are all within the trust boundary. Such internally provided information may be verified to make sure that the information was properly transmitted internally. However, the internally provided information is not verified for accuracy since the components internal to the service provider 110 are trusted to each other. In essence, although internal errors may occur, the components within the service provider 110 can depend on the other internal components not being malicious. The same cannot be said of the clients 120.
The service provider 110 includes current data source 111, which stores the mission-critical data that reflects the accurate and most up-to-date state of the service. For example, if the service provider is an on-line video store, the current data may include an up-to-date listing of the videos offered for sale as well as the quantity of each video in stock. A primary logic component 112 encapsulates the current data source 111 so that only it directly accesses the current data source.
The service provider also includes client interactive logic components 111a through 113n that interact with client groups 120a through 120n, respectively. Each client interactive logic component includes reference data 114 (e.g., 114a through 114n, respectively), and single user writable data 115 (e.g., 115a through 115n, respectively). The reference data is based on the current data and is used in the interactions with the client. The single user writable data for a particular client interactive logic component includes user data for the client group with which the particular client interactive logic component communicates. Only the client itself affects single user writable data having to do with that client. A classic example of single user writable data is shopping cart data electronically representing items the user has selected for purchase.
Each client interactive logic component 113 interacts with a client 120 by receiving requests from the client 120, transmitting reference data to the client as appropriate, and generating requests for the primary logic component 112. For example, in the on-line video store example, a client may transmit a request to view a selection of videos. In response, the client interactive logic component may extract a list of videos from the reference data and transmit the list to the client. The client may then send a request to purchase an item within the list. During this interaction, the client interactive logic component may extract user data from the client-originated messages. This single user writable data may include buyer name, buyer address, credit card number, shipping address, item ordered, quantity ordered, and any other relevant information specific to the user that may be helpful in completing the service or transaction.
The client interactive logic component 113 then generates a formal request for services recognized by the primary logic component 112 by using the appropriate fields from the reference data (e.g., item number and title) and from the single user writable data (e.g., quantity ordered, shipping address and buyer name). The primary logic component 112 would then cause the shipment to be processed and would update the current data to reflect the change in inventory levels.
The primary logic component 112 periodically updates the reference data by transmitting updates to the client interactive logic components 113. The updates are based on the current data as the current data existed at a previous instant in time. If the reference data was too out of date, the client may make a request that cannot be fulfilled due to changes in the current state of the service. For example, in the on-line video business example, the client may request to purchase a certain video that was indicated to be available but has become unavailable since the reference data was last updated. In this case, the request would fail thereby harming the good will of the service provider.
In order to guard against such harm in conventional service provider architectures, updates are provided to the reference data frequently enough that the risk of data mismatch between the reference data and the current data is minimized to a level acceptable to the service provider. This frequent updating of potentially large volumes of reference data means that the communication bandwidth between the primary logic component 112 and the client interactive logic components 113 should be relatively high.
In summary, in the conventional network service architecture, the primary logic component 112 that manages the current data trusts the client interactive logic components 113 that interact with the client 120. Furthermore, the primary logic component 112 provides frequent updates to the reference data so as to avoid errors based on staleness of the reference data. Since it is easier to maintain trust and maintain high bandwidth in tightly coupled networks where the network is physically consolidated, there is a strong motivation to tightly couple and physically consolidate the conventional network service configuration of a service provider.
Although such tight integration has its advantages in conventional network service architectures, it will become clear from this description that it would represent a revolutionary advancement in the state of the art to provide a network service architecture that is not constrained by such tight integration.
The present invention liberates service provider architecture by allowing the primary logic component that manages the live current data of the service provider to be autonomous from the client interactive logic components. The client interactive logic components have reference data and single user writable data and function to interact with the client and form formal requests that will be recognized by the primary logic component.
However, unlike the conventional architecture, formal requests submitted from the client interactive logic components are not trusted by the primary logic component. Instead, information within the formal request is validated for accuracy before the request is honored. Since the primary logic component does not rely on the accuracy of information provided by the client interactive logic components, the service provider need not ensure that the client interactive logic components provide accurate information. Accordingly, this liberates the client interactive logic components and the primary logic component from needing to run in a common sphere of trust.
Further flexibility may be obtained by the client interactive devices generating requests that are commutative. In other words, the requests specify the desired service in an abstract manner so that the ordering of request handling may be adjusted as needed to reduce the chanced that a request will be denied. This gives the primary logic component flexibility on how to handle a group of requests so as to avoid request conflict when the requests are based on stale reference data.
The service provider also assists in handling requests based on stale data by establishing policies that recognize the existence of stale data. For example, suppose that a hotel reservations service provider publishes room rates as reference data. Now suppose that the room rates are updated in the reference data every week. If the room rates in the current data are updated daily, the client interactive logic component may likely have stale reference data at any given time. In order to deal with this stale data, the service provider would have policies that accept requests in which the room rate extracted from outdated reference data is as old as two weeks. This avoids the situation where the hotel reservation service provider publishes room rates that are not ultimately honored by the hotel reservation service provider.
By alleviating the primary logic component from having to trust the client interactive logic components and by allowing for more staleness in the reference data of the client interactive logic components, there is more flexibility on where the client interactive logic components are located and how they relate to the primary logic component. In other words, although the client interactive logic component may be located on the same server or local area network as the primary logic component, the client interactive logic component also has the flexibility to be remotely located from the primary logic component. For example, the client interactive logic component may run on a Web farm associated with the client, on the same local area network as the client, or even on the same machine as the client, even though the client is remote from the primary logic component. The client interactive logic component may even be remotely downloaded from a remote service provider for local execution on a lap top computer without changing the code of the client interactive logic component. In this case, the client interactive logic component may interact with the client while the client is off line.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the invention. The features and advantages of the invention may be realized and obtained by means of the instruments and combinations particularly pointed out in the appended claims. These and other features of the present invention will become more fully apparent from the following description and appended claims, or may be learned by the practice of the invention as set forth hereinafter.